log Integration
file-analysis (en)


ServicePilot log-file-analysis


# Log File Analysis

Overview

This package contains the basis for monitoring information extracted from a log file.

Description

This package is a template that defines a class used to receive information extracted from a log file using the ServicePilot Agent.

This template cannot be used directly. Instead, the class defined in this package needs to be customized to contain log field definitions appropriate to the fields the ServicePilot Agent will send.

The ServicePilot Agent also needs to be configured to extract information from a log file, parse this information and then present it to ServicePilot in the form expected by the log class.

An object based on the log class is instantiated automatically based on view parameters specified in the ServicePilot Agent configuration.

Requirements

  • Network Flows - It is mandatory that the network continuity is ensured. In case of a network infrastructure using a firewall, all the ports below must be opened

    • ServicePilot Manager Web server access (by default TCP/80 when using HTTP or TCP/443 when using HTTPS although this port is configurable): Between ServicePilot Agent and ServicePilot Manager
  • ServicePilot Requirements

    • ServicePilot Manager minimum version: 8.5
    • ServicePilot Agent minimum version: 8.5 installed and configured

Installation

Before adding a resource to monitor, make certain that all pre-requisites are in place and if a ServicePilot Agent is required, that it is communicating correctly with the ServicePilot Manager. Resources can be added to ServicePilot configuration in a number of ways:

Add resource using Views Configuration web interface

  1. As an administrative user of ServicePilot, open the ServicePilot web interface.
  2. Navigate to Administration. The Configuration > Views web page will open.
  3. Click on the view in which to place the new resource in the Views hierarchy on the left of the interface. The View editor section will show the existing view contents.
  4. From the Packages list on the right of the interface, click and drag the log-file-analysis package into the View editor and let go.
  5. The Package properties dialog box will open to allow resource configuration.
  6. Click OK to close the Package properties dialog box. Note that the dialog box will not close if required parameters are not set.
  7. Click Save to apply the new resource to ServicePilot configuration.

Add resource by changing servicepilot.conf configuration file

Resources can be added to ServicePilot configuration by directly editing the servicepilot.conf or other included YAML configuration files. The ServicePilot web interface can be used to make these changes and apply them to the running configuration.

  1. As an administrative user of ServicePilot, open the ServicePilot web interface.
  2. Navigate to Administration.
  3. Navigate to Configuration > Edit configuration.
  4. Expand the configuration to find the provisioning: and then packages: section of the view in which the new resource will be placed.
  5. Add the example package configuration line below.
  6. Click on the green - package: word to open then Package properties dialog box to allow resource configuration.
  7. Click OK to close the Package properties dialog box. Note that the dialog box will not close if required parameters are not set.
  8. Click Save to apply the new resource to ServicePilot configuration.

Example:

- package: "log-file-analysis;;;;;;;;log-file-analysis;"

Key field notes

  1. In the Monitoring Policies tab, specify the policy or policies to apply to the package

  2. Parsing Parameters tab:

    1. Line Research Condition: Capture log lines that contain this key string.
    2. Polling Interval (sec): Specify the time interval (in seconds) at which ServicePilot will poll the database (default 60)

Notes

  • The ServicePilot Agent must be installed on a server with access to the log files. It is highly recommended that this be the server that generating the logs rather than a remotely accessed file.